#1
Hi!
I guess many people besides me have heard about all the issues with the recently released Bioshock game. Apparently it comes with SecuROM copy protection which adds a rootkit on your system. Is NOD32 capable of discovering/removing this? I downloaded and installed the demo yesterday but so far NOD hasn't reacted.

Links:
http://forums.2kgames.com/forums/showthread.php?t=5993
http://consumerist.com/consumer/puni...day-292841.php

Last edited by Xophile : August 23rd, 2007 at 05:40 PM.
#2
Usually rootkits are hidden and don't tell you that you have to reboot or deinstall something (a virtual drive like Alcohol 120% as an example). You have three options: don't buy it, don't install it, don't play it.
#3
I think rootkits are a gray area, certainly an entirely different debate.
Securom is from a legit company, it doesn't have a malicious intent, it's part of the game. It's also visible to Windows...it does install a service. I think true rootkits are entirely hidden from the OS. I think the jury is out as to if Securom is indeed a rootkit...Google it and Bioshock and you'll see forums debating the subject. Rootkits as a technology certainly can have malicious intents, and be dangerous if used in such a manner. Sooo...question is...does/should NOD32 detect ALL rootkits...regardless if legit software.
__________________
Guinness for Strength!
#4
Only AVG stops it from installing which I find pretty funny. Nothing else detects it.
__________________
AntiVir Premium ▪ FD-ISR Pro ▪ Firefox 3 ▪ Jetico 2 Firewall ASAP Member
#5
Quote:
Yes, I think it should detect it, and then ask us if we allow it or have it removed (and keep track of the decisions in an exclusion/inclusion list).
Kind regards
Itsme
#6
I spent a little more time hunting/googling Securom.....it appears that media frenzy has it hyped up to be mislabeled as a rootkit, and some of the better, more technical/accurate forums are indeed stating that it is not a rootkit. Including a Microsoft tech forum..where a moderator there is stating that it is not a rootkit.
The fact that it does create a service on your computer which you can easily see in services.msc (it's NOT hidden) leads me to believe it's not a rootkit either. AFAIK...Rootkits by definition, are supposed to be totally hidden.
__________________
Guinness for Strength!
#7
Quote:
Cheers
__________________
1. What is right is always The Truth. 2. Every Truth is supported in agreement by every Truth. 3. If the facts would persuade you otherwise, see 1. ESET Reseller (Australia)
#8
Quote:
Quote:
__________________
"Pouvoir à l'Imagination. Power to the imagination. La imaginación al poder". "Perfect is the enemy of good enough". Voltaire.
#9
Quote:
What is the name of the service please?
#10
Just don't buy it, don't support any PC game with that kind of protection, get a console and you will have your PC clean of crap like this one.
__________________
English Is Not My First Language
#11
Quote:
__________________
"Pouvoir à l'Imagination. Power to the imagination. La imaginación al poder". "Perfect is the enemy of good enough". Voltaire.
#12
Quote:
Thanks Lucas, within that wiki article it reads:
Latest SecuROM Versions are all 7.x versions which are released and updated continuously. SecuROM 7.x installs its own service to user's computer UAService7.exe — (ring 3), which works in ring 3 of the computer's operating system.
#13
I don't think NOD32 or many other AVs are going to add detection for this for various legal reasons. I am, however, surprised to hear that AVG of all the vendors is detecting it....
__________________
Last edited by Radu : Today, at 5:32 AM. Reason: Found new malicious code
#14
Quote:
Anything from Wikipedia should be taken with a grain of salt....anyone can contribute to it, leading to often mis-tinfoil hatted-information.
__________________
Guinness for Strength!
#15
Well I managed to get myself infected with a very nasty trojan whilst messing with Bioshock. Here's a link that contains the symptoms and how to remove.
http://kb.mozillazine.org/Firefox.exe_always_open
The only application that I was able to find that located the culprit (regedt.exe file in windows/system32 which was hidden in the explorer, notice the file name) was ADS Spy. This neat little program is able to locate hidden data streams that AV software and regular trojan scanners cannot find. A registry key is also created. I've also heard that AVG is able to locate and remove this, but NOD didn't. Does anyone have any tips or suggestions on highly reliable Trojan scanners? I tried Trojan Hunter, but it missed this nasty little beast.
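For the hidden data streams mentioned in post #15, an added example (not part of the original thread or any poster's code) that lists NTFS alternate data streams using PowerShell's built-in `-Stream` parameter. The function name `Find-AlternateDataStream`, the ignore list and the temporary demo folder are assumptions made for this example.

```powershell
# Added example: report files that carry alternate data streams (ADS) in
# addition to the default unnamed stream. Needs PowerShell 3.0+ and NTFS.
function Find-AlternateDataStream {
    param(
        [Parameter(Mandatory)] [string] $Path,   # directory to inspect
        [switch] $Recurse,
        # Streams Windows commonly adds itself; skipped as noise (assumption).
        [string[]] $IgnoreStream = @('Zone.Identifier')
    )
    # -Force includes hidden and system files, which Explorer may not show.
    Get-ChildItem -LiteralPath $Path -File -Force -Recurse:$Recurse -ErrorAction SilentlyContinue |
        ForEach-Object {
            $file = $_
            Get-Item -LiteralPath $file.FullName -Stream * -Force -ErrorAction SilentlyContinue |
                # ':$DATA' is the normal file content; anything else is an ADS.
                Where-Object { $_.Stream -ne ':$DATA' -and $_.Stream -notin $IgnoreStream } |
                ForEach-Object {
                    [pscustomobject]@{
                        File   = $file.FullName
                        Stream = $_.Stream
                        Bytes  = $_.Length
                    }
                }
        }
}

# Constructed demo data: a text file with one extra named stream.
$demo = Join-Path $env:TEMP 'ads-demo'
New-Item -ItemType Directory -Path $demo -Force | Out-Null
$note = Join-Path $demo 'note.txt'
Set-Content -LiteralPath $note -Value 'visible content'
Set-Content -LiteralPath $note -Stream 'extra' -Value 'not shown by Explorer or dir'

# Expect one row: note.txt with stream "extra".
Find-AlternateDataStream -Path $demo | Format-Table -AutoSize

Remove-Item -LiteralPath $demo -Recurse -Force
```

Files that cannot be opened (locked or denied by ACL) are skipped silently because of `-ErrorAction SilentlyContinue`, so an empty result from an unelevated prompt does not prove a folder is clean.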
#16
Good heavens, that idiocy about a rootkit originated from a blog by a clueless guy who tried to get more attention to his blog by using the term "rootkit" for a registry key that was hidden because of a "*" in the key name. He removed the term Rootkit after being subjected to a thorough bashing by commenters both on his blog and slashdot. Too late for some news sites / bloggers / forums to notice, which means this FUD continues to get spread.
There is NO rootkit in there. Don't believe every FUD bloggers post and random news sites pick up without checking the facts. It does contain some really stupid copy protection, but nothing of it resembles a rootkit. The copy protection service is neither hidden nor does it try to prevent deactivation or uninstallation. The correct news would be: Securom copy protection software has a registry key that cannot be deleted because of a special character. No rootkit, no malware, no nothing. /me crawls away to play some more BioShock, which is an awesome game
__________________
Human beings can always be relied upon to exert, with vigor, their God-given right to be stupid.